For a root user, there's nothing more frustrating than being denied access to an app simply because they've rooted their own phone or tablet. Of course, since it's rooted, there's probably a root app for that. RootCloak has been a reliable way to get around these content and functionality blocks, and now developer DevAdvance has posted a new version that should work with even more applications.

RootCloak Plus uses Cydia Substrate instead of the Xposed Framework that the original tool was based on. According to the developer, Cydia has access to deeper integration within Android via native calls, letting it successfully bypass root detection on even more apps. Most of the apps that are included in the default list are banking or video streaming services, but you can manually add any app you want. While the description makes sure to note that there is no surefire way to beat root detection, and some custom ROMs may be harder to work with, RootCloak Plus should do the job for most apps.

To get RootCloak Plus working you'll need to download Cydia, then RootCloak Plus, set up both, choose the applicable app, then reboot. If you're using an Android 4.4 device or ROM, you'll also need to download this app and change the SELinux mode to Permissive. I've tested the process on DirecTV's Genie app, and indeed, it seems to bypass the root check effectively. This should be a handy tool for anyone who's tired of messing with their SU app every time they need to check their bank account.

Michael is a native Texan and a former graphic designer. He's been covering technology in general and Android in particular since 2011. His interests include folk music, football, science fiction, and salsa verde, in no particular order.

Comments

Also, due to the article earlier today, I just can't resist be in an "idiot" and shouting FIRST

Deeco

Because you are potentially hacking, which will lead to security vulnerability.

Dmitri Smirnov

Which is stupid. App is running inside a hostile environment. For all it knows, it could be inside a virtual machine with every bit that it operates and passes forth is subject to observation by malicious hacker.
Also, I cannot imagine why would you want to protect your app from your own user, unless there is something very wrong with your business model (like relying on DRM and vendor lock-ins instead of good quality of the content you provide).
Also, it's users device, he's free to do whatever he pleases with it. If you don't want to show him the code or give access to internal logic - make it server side, because if user has root, it's very stupid to try and detect from inside the app if the system has it. Because, as you can see from the article, every bit that gets into the program can be faked.

mateor

Having root is no different than having administrator privileges on your desktop. It doesn't mean anything.

Deeco

No one needs to explain it to me, i was just explaining it for the novices.

mateor

But no one would say having administrator privileges means you are potentially hacking...?

didibus

Well, statistically, you're probably more likely to be trying to circumvent DRM if your phone is rooted. On the other hand, you're also more likely to be hacked.

Matthew Fry

Guh. Wrong thread.

Dennis Ulijn

A downvote for your first, but a possible answer to your question:
The only app i have that doesn't work because of root is an app from my cable company to view live television. By rooting I could download videos or have a live screen capture. My cable company has contracts with content partners that they will do as much as possible to keep illegal recording and sharing to a minimum. But I'm sure this is but one reason to keep your apps away from rooted phones.
P.S. if live screen capture is possible in the future (as part of stock Android) I am sure that Google will add the option for apps to decline it.

trickytree1984

Where is your sense of humour?
:)

Thanks for the info

Guest

You CAN screen capture without rooting the device...

Nathan Blume

But not with audio, right? Wouldn't you have to capture the audio in a separate stream, and then merge them post-capture?

h4rr4r

You do realize there is a headphone jack right?
Merging audio and video post capture is not a larger hurdle.

http://turbofool.com Jarrett Lennon Kaufman

That's a huge hurdle. You want me to output the audio to a secondary device to record it, and then transfer the files to the same machine and mux them back together, with perfect timing? Yeah. Not simple for the vast majority of humans. Easier to pirate.

h4rr4r

There are tools to make this very easy.
It is easier to pirate, because someone did that or something else already for you.

http://turbofool.com Jarrett Lennon Kaufman

Well, obviously someone else already did the work. Someone with far better sources who's far more proficient with the tools. But no, there aren't tools that will make that very easy for nearly ANYONE. You and I? Sure, we could manage it. The people who are being targeted by this limitation to begin with? Everything we've already talked about is too complex. Muxing tools would blow their minds. You're severely overestimating the tech skills of the average person.

h4rr4r

So?
It only takes one. The point is that this DRM does nothing since the average use will just hit up piratebay and be done with it.

didibus

Isn't the screen capture limited in length. Also, I'd assume it does not capture DRMed content. Someone should try it, but I'd be very surprised if it did.

http://turbofool.com Jarrett Lennon Kaufman

You've moved the goalpost. You tried to make it out that recording via screen capture was feasible and easy. I was trying to point out that, in fact, it's not, and there are easier ways to acquire video than that, making the entire thing pointless. Now suddenly THAT's your argument. What point were you trying to make all along, exactly, if you've circled around to mat mine now?

h4rr4r

No I tried to make the point that root detection is useless.

http://turbofool.com Jarrett Lennon Kaufman

No disagreement there. We just don't need to pretend the very difficult process of exporting it off your screen is actually easy when there are easier ways. Just like when they made HDMI mandatory because it was too easy to record via component cables. Who had the equipment necessary to record good quality 1080p over analog cables, when it was easier to crack the disk encryption?

Their efforts are, indeed, pointless, but not because awful, difficult, low-quality options exist on the phone for circumventing them. They're pointless because easy options OFF the phone exist for circumventing them.

h4rr4r

HDCP is also cracked already. You can buy a device that will output to whatever recording device you like. Not good for disks, those are still easier to rip, but for broadcasts and the like.

http://turbofool.com Jarrett Lennon Kaufman

Quite true, but at the time they mandated the switch to HDMI, it hadn't yet been cracked, so it made sense from their own warped view that it was more secure than analog. But it was an insane measure that didn't take anything resembling reality into account. So the same goes for the efforts to block people from using rooted devices. There will always be ways around it, and they only end up hurting the honest people.

Clearly we're on the same page. Only disagreement was on what the reasons were for why this effort was absurd.

h4rr4r

Actually strippers existed pretty much from the beginning. HDCP was not cracked, but HDCP compliant devices were bought and used to create strippers. Not like the LCD on a tv takes an encrypted signal.

Android Developer

headphones have nothing to do with it.
the built in tool to use for video capturing is limited to a certain time and can only record audio from the microphone.

at least, that's what i remember.

h4rr4r

You can record the audio output to another device. Not exactly a new thing

Android Developer

but can you record the audio from the smartphone itself, using the normal tool of capturing, as presented on kitkat?

i can't try it out since i don't have kitkat.

Erstam

It already is possible to do live screen capture by default Rom on nexus 5. Although I agree this is probably why they do it. I think they are fooling themselves by thinking this helps. It's easier to torrent a tv or movie than screen capture it. But that's my opinion.

Also, my bank has never blocked me because of root.

Dennis Ulijn

As far as i know the video capture is only available after a lot of steps that no normal user would ever take... and it might be easier to torrent a movie, but TV-shows are usually captured off-screen. This is usually done with DVR's, but here (The Netherlands) there has been some questions about the legality and possible blocking of DVR's by cable companies.

Cerberus_tm

But a "normal" user would not be rooted either. I would sooner expect someone to wade through some menus inside Android than to unlock and root his phone... I really think it's just overactive, ignorant lawyers who come up with this stuff.

Cerberus_tm

Recording video on your phone or television is legal in Holland!

MarkG

Because root means it's possible to steal content.
Because root means it's possible you have key loggers or other spyware installed
Because root means it's a untrusted platform.
Because root means you are blocking the application vendor's only source of income (ad revenue)

All very valid reasons.

h4rr4r

1. Steal content AKA use my computer the way I want.
2. It is always possible to install key loggers or spyware.
3. Untrusted by whom? A machine I do not have root on, I cannot trust.
4. Then maybe they should find a new source of revenue.

None of those are valid reasons. This is my computer, I will do with it as I like.

Leonardo Pimplapure

LOL. Cold bastard

didibus

1) You don't seem to understand. They don't owe you the software. By using it, you agree to a license. If they say you can not be rooted, you are free to not use their app. But if you use their app, they are free to check if you are rooted. Just as you are free to do what you want with your computer, they are free to give you access or not to their content.

2) It is less likely that you will have spyware or keyloggers on your phone when not rooted and locked. This is just a fact of Android's security. You are more vulnerable when you are rooted, sorry to tell you the truth.

3) You can not trust a machine you do not have root on? That's imbecile. You still know what the machine does. Android is open sourced, so you can actually trust it more then Windows. A machine you do not have access to it's code and specs you can not trust. Root is only a software concept of Android itself, it's not a reality. It would be possible to build an OS without the concept of users, and without the concept of root, it would be just as trustworthy if you had the source code. Anyways, sorry, but this argument is just wrong, there's absolutely no good reasoning behind it. You're probably just afraid that an app shipped with the OS does something wrong, then you'd lack the ability to block it, but at that point, you don't trust the OS itself, and you shouldn't trust it's implementation of root either.

4) Well, that one I agree. They obviously are looking for other ways, because they realise that the current way is prone to a lot of problems, like having people block the ads.

I am totally on the page of allowing people to use their computers as they see fit. And so, if I want root, I should have an official way of getting it. That's my stance. But, I also stand by the fact that you need to understand the potential security risk that it opens up. And I also believe an application developer should be allowed to deny you access to it's app if he doesn't want it to run in an unrooted context.

h4rr4r

1. My machine I own it.
2.This is what SELINUX is for, not disallowing root access. You have a lot to learn about linux.
3. I have no evidence that the binaries on my device match the source given. Which is why I tend to prefer third party roms I can verify. An OS without users will give everyone root. Without root I cannot control the OS if I know what it is or not.

didibus

1) You own the machine, but not the code you downloaded from an online source. That is an agreement, you can complain that they should let you do X and Y, but you can not demand it, it's a negotiation.

2) SELinux isn't present prior to 4.3, and is only enforced on 4.4, so effectively, it doesn't block anything on 4.3, just logs. It's also possible to change the SELinux policy and mode using root. Plus, the default policy restrictions aren't very restrictive. So a root app can still perform a lot of stuff. SELinux is mostly for preventing privileges escalation attacks. You are still more at risk when giving apps root permissions.

3) Well, that's a good point. Though, you can go on downloading Android, compiling it for your device and installing it. This does not mean you need to root it, and it would still be trustworthy. Also, the default bootloader does check the integrity of the OTA update. So, you'd have to not trust your phone manufacturer. An OS without users does not mean an OS that gives all permissions. You've said so yourself by mentioning SELinux. The only argument for root in terms of security is backup and modifying Android to make it even more secure. The backup thing should honestly be addressed, there should a non root official way to do a backup.

Matthew Fry

-Root gives you access to the device you own.
-You can install insecure apps without root. You don't have to have root to be an idiot.
-Root means you actually have to work at securing data instead of half assing it.
-The only developers that disable themselves because of root are large institutions like banks and streaming services. There is not ad revenue. Besides, this argument is invalid because 1) Ad blockers on Android don't require root after successfully changing the host files. 2) Ad blockers exist everywhere.

didibus

Without root you can install an insecure app, but it can not make other apps insecure. Except for a keyboard app, that one could.

Matthew Fry

There have been exploits in Android in the past and there will be again. If you install only root apps you trust and don't install insecure apps you don't, it's highly unlikely.

didibus

Obviously, rooted or not, you need to trust the app you're installing. That's always the most important advice.

trickytree1984

I just wanted to clarify why i asked this for the people down voting. I am in fact not stupid. I am an IT professional. I do understand why, i was simply hoping to prompt a discussion and to get everyone's view on this.

Matthew Fry

You know you're getting the downvotes for posting 'First!' don't play like it's the question you asked that everyone is legitimately answering. You want them to stop, remove that part.

Matthew Fry

Because they're too lazy to do real security and instead rely on the fact that there's parts of your device you can't access. Root access is the same as free for all administrator privileges on Win 98. Since then, they've added things administrators can't do without significant work. Ahh... the days when you could delete Windows while windows was running and watch it die. If your bank will let you access their website with administrator privileges on your windows machine, there's no difference on Android except that the project managers are lazy.

didibus

Free for all administrator privilege in Win 98 was a major security flaw. You're always at risk when you give an app root/admin privileges. This applies to all OS. There's just no way to secure your login info from an app that's allowed to read them. Mobile OS and their lack of root/admin account by default was done for a reason, it's a step forward in security. I'm sure if Google could find a way to keep the sandboxing of apps secure, yet allow root account by default, without introducing any security risk, it would.

Matthew Fry

Even in secure environments you can have safe administrator access and even in insecure environments, people are able to connect to secure online sources. This has nothing to do with the OS security. My point was that businesses used Windows 98 and still managed to do things securely.

didibus

I agree, you can have safe administrator access. I don't think android has it though. Root isn't a part of the package, installing superSU is trusting a 3rd party modification to add the proper extra needed for root support. And, it has already been compromised at least twice that I can remember, where apps could get root without user interaction.

But, I disagree with insecure environments, in such a context, you can not guarantee secure access to an online resource. Well, in security, there is no such thing as guarantee, but, in an insecure environment, there is just no way to even remotely believe you're secured. You basically grant anyone access to local resources of all kind. How do you want to protect against that at the local level?

Matthew Fry

And yet it is done all the time. There are still Windows 98 users out there and they access their secure information through Quicken, browsers, and other applications. You protect on the local level (especially with an application) by serving requests from the app through a secure connection and not store login information in a text file in a specific spot because you rely on the fact that people won't be able to access it. Google Music has no problem with me being rooted. Is it because they don't care if I steal music? Maybe. It's much more likely that they have a secure method of authenticating that doesn't rely on local storage.

didibus

Yes, insecure things are done all the time. People often don't realise how insecure what they do is and how potentially easy it would be to get their info if they were targeted.

When you have a textbox that asks for your username and password. You will click on the box, use a keyboard app to input characters into it, it will get encrypted on the phone using a certain key, then sent over the wire to the server. Because it was encrypted, if someone intercepts this, he can not access the login and password, sure. But if your machine is compromised, an app on your machine could have easily read the input to the textbox out of memory, or as it was being typed, or have access the the key used to encrypt them, etc.

Steven J

Draw over bank app.

Insert textbox over the real one.

Save that data, phone home and send them your username and password.

All possible without root access, just by abusing the permissions system.

If the app is poorly designed, you might even be able to start the bank app's activity with those login credentials, not even informing the user.

Both can be fairly innocuous, at least at first glance. I can imagine a game or something silly like that using both of those (alert window so the user gets... alerts for updates or something... and Internet so you can share your high score with friends.)

Now, to use a root app, you have to either find an exploit in the Su solution (which, I've found one of, so far. Reported publicly 13 Nov, 13 and fixed 16 Nov, 13 by SuperSu and Koush's SuperUser.), and manage to zero-day malware into the wild. Because of Android's default auto-update process, and the fact that SuperSu and probably SuperUser bug you till you update, the likelyhood that outdated versions are still around is excessively low.

Or, you could try to convince a user that your app deserves root access. Which is then on them, as they OK'd the app. And anyone who has root should not OK a root request if they don't know where it came from.

Or, lastly, you could exploit the system itself and create a root exploit. In which case the user's root state is entirely irrelevant, and could even potentially be patched by some methods that require root (namely Xposed).

Now, I find it OK to warn a user that their information could be comprimised. Even give them a nag-screen or something of that nature to make it perfectly clear that they're not in a normal, safe situation. But wasting time that could be spent to properly protect data to detect root, which, as we can see, can be easily bypassed? That's ridiculous.

didibus

You assume people with root don't grant suspicious apps root, yet you declare they give suspicious apps suspicious permissions. Anyways, it's obvious some people don't care, and I understand. Sometime, you just want to do things and be allowed to do so, even if the risk is higher, if you're a knowledgeable user, you want the freedom to assume that risk yourself. I have no problem with that, the bank app should probably display a terms of use agreement instead, that you agree that you can't make them liable for losses due to using the app or rooting.

Steven J

Oh I'd be fine with that. Give me a big scary warning message. That'll scare away people that probably shouldn't have root in the first place, and the people who aren't scared away are probably able to discern whether or not to install root apps like that.

Yeah, there are some people that really just... can't be trusted with root access. Heck, they can't even use the regular permissions system. I agree that for most people, root is probably not a good idea. I just have a problem with developers who lock people like me (I'm an avid root user, did ya notice ;)?) out of apps when we know what we're doing.

Lumi

The only root blocking apps I've used are games (social games) from Japanese developers. Since rooting may allow the player to do things that might damage their revenue, e.g. sending themselves "invite codes" they just blank block rooted phones.

Can you confirm that that module works under Xposed so I don't have to load both Cydia and Xposed on my N5?

Thanks!

devadvance

The original RootCloak module works with Xposed; RootCloak Plus does not.

fl0

Not working for Sparkasse+/Starfinanz Banking, can anyone confirm?

devadvance

Did you add them to the list of apps in RootCloak Plus, and then reboot? Sparkasse is a default app in RootCloak Plus, but Sparkasse+ is not. I do not have an account, but that removed the warning that my device was rooted.

Roy

What apps block access? I have always use rooted phones and I never had a single app with this behaviour.

Matthew Fry

Isis. And I hate it. I hate it so much.

h4rr4r

Disable SELINUX?
Why not write SELINUX policies instead?
Disabling SELINUX is the sure sign that the person who suggests it has no idea what they are doing.

mateor

or now they just distrust NSA by default.

h4rr4r

So read the code. No need to trust the NSA.

mateor

The NSA appears to have weakened or compromised several open source backbones, including TSL and others.

For the record, I have been reading the SeAndroid mailing list for almost a year, from what I see Steve Smalley is credible. But I don't think that it should take a full code audit to have confidence. I would use SeAndroid myself. What I object to is the idea that distrusting an NSA project is ludicrous.

h4rr4r

We are not talking about encrypted stuff here, just read the damn code. Distrusting the NSA is fine, acting like you can't figure it out is nuts.

RozJC

Hey, this actually works!

I can finally use my Banking app! This makes me happy!

DrakeTungsten

I wouldn't trust any bank whose security relies on an app needing to detect root. No compromising code should exist on a user device. It should work like visiting the bank's website. Do they check your PC for root?

Android Developer

if an app has root permission, it can get your bank-app's data and send it to someone that will use it as if he's you.
it's hard, but possible.
however, the bank app should not just stop working . instead, i think it should just present a warning about it.

DrakeTungsten

Or you could just go to the website and be in the same situation with a keylogger that doesn't even require root. My point is if the app is somehow less secure than that, so much so that it refuses to work, then there's a problem with the app. Either in that its security is less than it should be or that the bank is stupid enough to think that's a fix. I'd sooner get a new bank.

Android Developer

there's no reason it won't agree to work. inform yes, but refuse to work?

about keyloggers, well, if the website somehow could know if you are on an insecure environment (wifi without password, no firewall, have a keylogger ...) , it could just warn you, but if you understand the risks (and not all do know about them), it shouldn't force you...

a website cannot do it as far as i know, so it's not a good example. but it might be a good thing for non-tech-savvy people.

The weird thing is that some devices that you can buy are already with root. this could be of a security concern to non-tech-savvy people.

DrakeTungsten

Ageed, Google Wallet did exactly that, in fact.

But let's consider the fact that they cannot tell the difference between my having root on my phone and what apps may or may not have root. If the bank's app refuses to work because they fear me having access to something I shouldn't, then I'd need another bank.

Android Developer

maybe they didn't put any kind of protection for rooted devices, so they don't want to take the risk.
still, it shouldn't block you from using it.

even the web browser works with rooted devices, and apps could probably get all the cookies from it using root...

didibus

I would have thought it be more content distribution apps, the ones using DRM, like movie or music streaming that would check for root.

I can see a bank checking for root, the truth is that rooted users are more at risk of malware, viruses, keyloggers, etc. Even on the website, you are more at risk, but I'm guessing they have no way of detecting root from the website, so they can not block the use of it.

Obviously, they should be encrypting the data, and caching as little of it as possible, and making sure to clean behind it. But with root, you allow any other rooted app to read your bank app's files and memory, to listen to what it sends and receives over the internet, and to log all actions performed by the user to it. And don't forget, bank apps are probably prime target for malicious apps.

My point is that, there is no way to secure an app against root. That's the point of root, it allows a rooted app to do everything it wants.

Steven J

Not exactly. Root is usually more secure because it allows you to patch the very security holes that allow you to get root in the first place. Any user who has any sense won't give com.hacker.stealyourdata root access via Superuser or SuperSu. Malware will probably use an exploit to get root access anyways, so your root state is completely irrelevant.

Most computers (Windows, Linux, Mac OSX) come pre-rooted. How are we supposed to secure things there? There are methods to ensure that even with root access, your data will not be compromised.

didibus

You say Root is usually more secure, I'd say it least often is. Using Root privileges to circumvent security loopholes is more secure, but I strongly believe under 5% of rooted users use root to do so. Most users who root use root to install apps that require root privileges.

I understand that root can be broken down by malware et al, just as it is broken down when you acquire root and install an app to control it. Those app are also not always protected against malware, as they have been abused to give root permissions to certain apps before and probably will again. In fact, this reality is why SEAndroid is greatly needed, and being implemented slowly by Google.

My point remains, as soon as someone has allowed a 3rd party app root privileges, that app is a potential security leak. I'm certain most rooted users have allowed apps to be rooted, without thinking much about the trust they give the dev of the app. So I still can see why a bank wouldn't want to take any chance.

Steven J

Yes, the root control apps can be comprimised. However, most of the root control devs are extremely fast at updating and fixing the bugs. That cannot be said of those who fix security holes in stock firmware for assorted reasons. Therefore, the root control apps are almost always updated much sooner than the stock system.
The point still stands that if you assume that your app is safe because the end users don't have root access, you're not secure. It's along the lines of "security by obscurity". If the bank app developers don't take the time to secure their app, and instead refuse to let it work in a rooted environment, that's on them. The fact is in a system as complex as Android, you cannot ever assume that a user or malicious app will not have unrestricted access to the system. You must ensure through other means that your clients' data is secured.

didibus

Oh, I agree completely. But if I was making a bank app, and wanted to secure it as much as possible, I'd do both. I'd secure it as much as I can assuming complete access, and I'd also prevent it from running on Androids that allows 3rd party apps to have complete access.

And I also agree on the update part, it's a shame Android doesn't have an update mechanism. Every Time a security breach is found, an entire upgrade of the OS is required.

Elislurry

If this hides root from Mobile Iron this is gonna be awesome.

Zach Berger

Please share if it works!

http://royblumenthal.com/portfolio royblumenthal

Yes! Finally! I've just used the two apps to successfully use the South African DStv Drifta device with my Galaxy Note 2!

Stacey Liu

Why is Xposed more popular than Cydia Substrate in the first place? From what I can tell, Cydia is superior in many ways.

Just because it's from a famous iOS dev doesn't mean there's something wrong with it.

enomele

Exposed has been around longer. Cydia is finally gaining some traction though.

Cerberus_tm

Is Cydia really superior? Is it perhaps not harder to program for, or more limited in other ways? I have no idea, but I'd like to know. (So far, Xposed seem to be able to anything imaginable.)

Android Developer

How do the apps check if the device is rooted? by asking to get root permission? like what gamevil does?

HomerSp

Most check for the existence of the su executable (generally in /system/xbin/) or if you have one of the SU apps installed.

Android Developer

but wouldn't it in itself require root permission?
also, are you sure that the existence of the apps (or the file) mean that the device is rooted?

Steven J

Reading /system doesn't need root.
And no, you're not. That's why it's so silly. Some tablets (thinking the $50 ChinaPads here) come with a neutered su binary that's still not easily accessible. And of course, the people buying these $50 ChinaPads probably don't know anything about root access and will call the bank asking why their bank app doesn't work on their brand new tablet.
It's really just a bad model.

Android Developer

didn't know about that. so this mean that the existence of the "su" file doesn't always mean that the device is really rooted, right (because of the devices you've talked about) ?

so what is a good way to know if the device is rooted?

Steven J

Honestly, there's not a good way to, at least not with the way android system is set up.
You can request root access, but anyone who's smart would deny it.
You can check for /system/xbin/su, but that can lead to false positives.
Same with looking for supersu or superuser.

And, of course, these can all be defeated by something like this, that hides it at a really low level. It's honestly similar to playing a game of cat and mouse. It's really not a feasible method at all.

Android Developer

i see.
why would a chinese tablet have an "su" file which doesn't do anything?

Steven J

Because they didn't remove it... lol

Pretty sure it would be the same generic "su" file used when building firmwares that would normally be removed by OEMs.
I only really had a tiny experience with it, but you could "su" if you were in ADB shell or some other shell. Apps on the phone couldn't use it though IIRC.

Cat Astrophy

I wonder if this will work on Square Enix games like FF Dimensions that won't work on rooted Androids

Paul

how does it compare to hide my root?

Brenda

Pardon for my stupidity, but how the hell is normal app allowed to detect root ? It's contradict my common sense.
I mean, root is superuser right ? The highest administrator of user.
While normal app is just using a normal user account.

I always thought that, higher authority (superuser) is allowed to know every user below it, that's normal.
But the reverse should not be true. Normal user don't need to know who/what the superuser account is, don't they ? They should just behave like normal app, access normal resource, etc.

Basically, my question is, normal app should never know/query anything root-related, so how they allowed to detect root at first place ? Isn't that a security issue by itself ?
Is there a privilege for normal user to query root/superuser ?

Thanks in advance.
-B

Matthew Fry

They could try requesting root access. That's a common one (which people get around by hiding su).

Steven J

They can test for "evidence" of root.
Namely testing if /system/xbin/su exists (/system is 554 normally), or testing for apps like Superuser or SuperSu. You're right though, it's not really possible to *actually* test for root.

EDIT: Or like Matthew Fry said - you could check for root. Any root-savvy user would catch that though and deny it, thus meaning it appears there is no root.

didibus

Snapchat should be looking for root, it would prevent all those easy screen caps from it.